File(s) under permanent embargo
A Conceptual Model for Data-Driven Threat Analysis for Enhancing Cyber Security
conference contribution
posted on 2023-09-04, 10:49 authored by Mohammed KS Alwaheidi, Shareeful Islam, Spyridon PapastergiouTechnology has become increasingly adopted by businesses for achieving overall objectives. Systems within these technologies generate a huge amount of data. It is necessary to identify the data and undertake appropriate controls to protect the data from any potential threats. Data, in general, is different types, such as operational and business which have different costs and impact on the overall business continuity. Threat analysis needs to consider various data types and associated weaknesses related to an organisational context's systems and applications. There are numerous threat models available, but there is a lack of focus on analysing and prioritizing threats relating to the data. This paper presents a data-driven approach for threat analysis and a conceptual model. The model includes several concepts, i.e., actor, infrastructure, data and weakness, to analyse the data and threats from three phases management, control and business. Finally, a running example is used to demonstrate the applicability of the work.
History
Page range
365-374ISSN
2194-5365External DOI
Publisher
Springer International PublishingISBN
9783031140532Conference proceeding
Advances in Intelligent Systems and ComputingName of event
The International Conference on Innovations in Computing ResearchFile version
- Accepted version
Language
- eng
Legacy posted date
2022-09-06Legacy creation date
2022-09-06Legacy Faculty/School/Department
Faculty of Science & EngineeringUsage metrics
Categories
No categories selectedLicence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC